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DETAILED ACTION 

1. This is a non-Final Office Action in response to the applicant's commiinication filed on 
November 02, 2007. 

2. Claims 1-11 have been examined and are pending. 

Priority 

3. Receipt is acknowledged of papers submitted under 35 U.S.C. 1 19(a)-(d), which papers 
have been placed of record in the file. 

Information Disclosure Statement 

4. The information disclosure statements (IDS) submitted on November 02, 2007 and 
February 03, 2006 are in compliance with the provisions of 37 CFR 1.97 and accordingly, the 
information disclosure statement have been considered by the examiner. 

Oath/Declaration 

5. The Oath filed on June 28, 2006 complies with all the requirements set forth in MPEP 
602 and therefore accepted. 



6. 



Claim Objections 

Claims 2-8 are objected to because of the following informalities: 
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In claims 2-8: line 1, "An Authentication server" should be "The Authentication server". 
Appropriate correction is required. 

In claim 1: line 5, "the server" should be either "the authentication server" or "the service 
server". Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

7. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

8. Claims 1, 10 and 1 1 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

Claim 1 recites "An authentication server for automatically selecting one of a plurality of 
authentications". Use of the word "server" does not inherently mean that the claim is directed to 
a machine. Only if at least one of the claimed elements of the server is a physical part of a 
device can the server as claimed constitute part of a device or a combination of devices to be a 
machine within the meaning of 101. Claim 1 is directed to comprise [a selector arrangement 
for selecting an authentication identifier in a memory and an authentication arrangement for 
authenticating said user], and these claimed elements are not a processes occurring as a result of 
executing the software program, not a machine programmed to operate in accordance with the 
software program, not a manufacturer structurally and fiinctionally interconnected with the 
program in a manner which enables the software program to act as a computer component and 
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realize its functionality. They are also clearly not directed to a composition of matter. Therefore, 
claim 1, to those of ordinary skill in the art, may all be reasonably implemented as a 
software routines and therefore claim 1 is rejected as an authentication server of software or 
program per se, failing to fall within a statutory category of invention and rejected as non- 
statutory under 35 USC 101. 

Even though applicant has invoked the rebuttable presumption that 35 USC 112, 6'*' 
paragraph applies in the claim interpretation of the "a selector arrangement for selecting an 
authentication identifier in a memory and an authentication arrangement for authenticating 
said user" corresponding structure in the disclosure is not automatically and inherently limited to 
hardware-inclusive embodiments. It is entirely possible for the corresponding disclosed "means" 
to cover an embodiment of software alone. 

[See the applicant's disclosure for indicating the invention implemented as a 
program: 0075 and Figure 1: Authentication Server SA]: "the invention applies equally to a 
computer program adapted to implement the invention, in particular a computer program 
on or in an information medium. This program may use any programming language and be in 
the form of source code, object code, or an intermediate code between source code and 
intermediate code, such as in a partially compiled form, or in any other form suitable for 
implementing a method of the invention". 

Claim 10 recites "A computer program on an information medium". Claim 10 is 
directed to a program itself, not a process occurring as a result of executing the program, a 
machine programmed to operate in accordance with the program nor a manufacturer structurally 
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interconnected with the program in a manner which enables the program to act as a computer 
component and realize its functionality. In addition, the "information medium" would suggest to 
one of ordinary skill signals or other forms of propagation and transmission media, typewritten 
or handwritten text on paper, or other items failing to be an appropriate manufacturer under 35 
use 101 in the context of computer-related inventions [See the applicant's disclosure for 
medium : 0075]. Therefore, claim 10 fails to fall within a statutory category of invention and 
rejected as non-statutory. 

Claim 1 1 recites "A data processor arrangement for performing the method of claim 9" 
and is directed to a data processor arrangement. Claim 10 is not directed to a Process within the 
meaning of 101, since it is not a series of steps or acts being performed. It is not directed to a 
Machine since is not a part of a device or a combination of devices. It is not a Manufacturer 
within the meaning of 101, since it is not an article produce from raw or prepared materials. It is 
also not a Composition of Matter within the meaning of 101, since it not a combination of two or 
more substances nor does it have any mass to be matter. Therefore, claim 1 1 fails to fall within a 
statutory category of invention and rejected as non-statutory. 

Double Patenting 

9. A rejection based on double patenting of the "same invention" type finds its support in 
the language of 35 U.S.C. 101 which states that "whoever invents or discovers any new and 
useful process ... may obtain a patent therefor ..." (Emphasis added). Thus, the term "same 
invention," in this context, means an invention drawn to identical subject matter. See Miller v. 
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Eagle Mfg. Co., 151 U.S. 186 (1894); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957); 
and In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970). 

A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by 
canceling or amending the conflicting claims so they are no longer coextensive in scope. The 
filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 
U.S.C. 101. 

Claims 1-11 are provisionally rejected under 35 U.S.C. 101 as claiming the same 
invention as that of claims 1-1 1 of copending Application No. 1 1/346,21 1 . This is a provisional 
double patenting rejection since the conflicting claims have not in fact been patented. 

Claim Rejections - 35 USC § 103 

10. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

11. Claims 1-11 are rejected under 35 U.S.C. 103(a) as being unpatentable over Sawa et al. 
(hereinafter referred to as, Sawa, US Pub. No.: 2003/0097593) in view of Ritola et al. 
(hereinafter referred to as Ritola, US Pub. No.: 2005/0289341). 



As per claim 1 : 
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Sawa discloses an authentication server for automatically selecting one of a plurality of 
authentications identified respectively by authentication identifiers in order to authenticate a user 
of a terminal in order to authorize the user to access a service dispensed by a service server of a 
provider identified by a provider identifier via a communication network the server comprising: 

a selector arrangement for selecting an authentication identifier in a memory as a function 
of the type of at least one of said terminal and said communication network (0044; 0048; 0049; 
0053; 0056: an authentication method suitable for the user terminal is selected, by using the data 
of a request for service from a user terminal and various types of authentication methods are 
supported, and accordingly various types of terminals can be supported. The terminal 
information object preparation process, the carrier or communication employer and type of user 
terminal that issues an HTTP request are specified). 

an authentication arrangement for authenticating said user by using an authentication 
process associated with said authentication identifier (0058; 0059: Using the determined 
authentication method, various types of data, for example, a user's name, passwords, etc., 
required for the authentication process are obtained, and an authentication database is accessed, 
thereby checking the validity of a user terminal). 

Sawa does not explicitly teach the authentication identifier as a fiinction of the provider 
identifier. Ritola, in analogous art, however teaches the authentication identifier as a fiinction of 
the provider identifier (0048; 0051; 0052; provides service if authentication by identity provider 
identifier corresponding to each service provider stored in memory of the terminal is successfiil). 
Therefore, it would have been obvious to a person having ordinary skill in the art at the time the 
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invention was made to modify the system disclosed by Sawa to include the authentication 
identifier as a function of the provider identifier. This modification would have been obvious 
because a person having ordinary skill in the art would have been motivated to do so to provide a 
reliable and more secure automated authentication method and system fi-om a service provider's 
authentications request without a user intervention as suggested by Ritola in (0005; 0006). 

As per claim 2: 

Sawa discloses an authentication server, wherein said selector arrangement is arranged to 
select said authentication identifier as a function of an authentication security level (0058: set 
selected authentication method with a high security level as the authentication method with high 
priority). Sawa does not explicitly teach authentication identifier a function to said provider 
identifier. Ritola, in analogous art, however teaches authentication identifier in corresponding 
relationship to said provider identifier (0048; 0051; 0052; provides service if authentication by 
identity provider identifier corresponding to each service provider stored in memory of the 
terminal is successful). See motivation given in claim 1. 

As per claim 3: 

Sawa discloses an authentication server, wherein said selector arrangement is arranged to 
select said authentication identifier as a fiinction of authentication rules associated with and 
applied to at least an authentication security level corresponding to said terminal type and said 
communication network type (0069-0070; matrix for determining authentication method in the 
authentication method decision process). Sawa does not explicitly teach authentication identifier 
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a function to said provider identifier. Ritola, in analogous art, however teaches authentication 
identifier in corresponding relationship to said provider identifier (0048; 0051; 0052; provides 
service if authentication by identity provider identifier corresponding to each service provider 
stored in memory of the terminal is successful). See a motivation given in claim 1 . 

As per claim 4: 

Sawa discloses an authentication server, wherein said service server comprises a 
transmitter for transmitting at least one of said terminal type and said communication network 
type to said selector arrangement in response to a connection set up between said user terminal 
and said service server (0097; content of HTTP header analysis for carrier type and terminal type 
). Sawa does not explicitly teach a transmitter for transmitting said provider identifier. Ritola, in 
analogous art, however teaches a transmitter for transmitting said provider identifier (Figure 4: 
identity provider identifier authentication request response communication). See a motivation 
given in claim 1 . 

As per claim 5: 

Sawa does not explicitly teach an authentication server, wherein said selector 
arrangement is arranged to transmit to said terminal a list of services identified by service 
identifiers in response to a connection set up between said user terminal and said selector 
arrangement, and said user terminal is arranged to transmit to said selector arrangement a service 
identifier of a service selected by said user in the transmitted list in order for said selector or 
arrangement to select said authentication identifier as a function also of said selected service 
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identifier. Ritola, in analogous art, however teaches an authentication server, wherein said 
selector arrangement is arranged to transmit to said terminal a list of services identified by 
service identifiers in response to a connection set up between said user terminal and said selector 
arrangement, and said user terminal is arranged to transmit to said selector arrangement a service 
identifier of a service selected by said user in the transmitted list in order for said selector or 
arrangement to select said authentication identifier as a function also of said selected service 
identifier (Figure 5:51 select different single sign authentication module corresponding to each 
service provider by selecting identity provider 57; Figure 4: identity provider identifier 
authentication request and response communication between terminal and service provider). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to modify the system disclosed by Sawa to include an 
authentication server, wherein said selector arrangement is arranged to transmit to said terminal a 
list of services identified by service identifiers in response to a connection set up between said 
user terminal and said selector arrangement, and said user terminal is arranged to transmit to said 
selector arrangement a service identifier of a service selected by said user in the transmitted list 
in order for said selector or arrangement to select said authentication identifier as a fiinction also 
of said selected service identifier. This modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so to provide a reliable and 
more secure automated authentication method and system from a service provider's 
authentications request without a user intervention as suggested by Ritola in (0005; 0006). 



As per claim 6: 
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Ritola discloses an authentication server, wherein said selector arrangement is arranged to 
transmit said terminal a list of provider identifiers in response to a connection set up between 
said user terminal and said selector arrangement and said terminal is arranged to transmit to said 
selector arrangement a provider identifier selected by said user in the transmitted list in order for 
said selector arrangement to select said authentication identifier as a function of said selected 
provider identifier (0051; 0052: IDP displays a list of identity providers that are acceptable by 
service provider and terminal; a user selects a particular provider identifier and sends an 
authentication request). 

As per claim 7: 

Sawa discloses an authentication server, wherein, if said user has been authenticated, the 
authenticator arrangement is arranged to transmit to said service server said terminal type, said 

communication network type, said transmitted service identifier, and a security level of the 
authentication designated by said selected authentication identifier (0095; 0096; 101; terminal 
information object cache). 

As per claim 8: 

Sawa discloses an authentication server, further comprising two separate servers 
respectively including said selector arrangement and said authenticator arrangement (0051; 0052; 
mobile agent server; web server, and mobile agent; mobile agent for selecting an authentication 
method). 



Application/Control Number: 10/566,945 Page 12 

Art Unit: 2437 

As per claim 9: 

Sawa discloses a method of automatically selecting one of a plurality of authentications 
identified respectively by authentication identifiers in order to authenticate a user of a terminal to 
authorize said user to access a service dispensed by a service server of a provider identified by a 
provider identifier via a communication network, the method comprising: 

selecting an authentication identifier in a memory as a function of the type of at least one 
of said terminal and said communication network (0044; 0048; 0049; 0053; 0056: an 
authentication method suitable for the user terminal is selected, by using the data of a request for 
service from a user terminal and various types of authentication methods are supported, and 
accordingly various types of terminals can be supported. The terminal information object 
preparation process, the carrier or communication employer and type of user terminal that issues 
an HTTP request are specified), and 

authenticating said user by an authentication process associated with said authentication 
identifier (0058; 0059: Using the determined authentication method, various types of data, for 
example, a user's name, passwords, etc., required for the authentication process are obtained, and 
an authentication database is accessed, thereby checking the validity of a user terminal). 

Sawa does not explicitly teach the authentication identifier as a function of the provider 
identifier. Ritola, in analogous art, however teaches the authentication identifier as a function of 
the provider identifier (0048; 0051; 0052; provides service if authentication by identity provider 
identifier corresponding to each service provider stored in memory of the terminal is successfiil). 
Therefore, it would have been obvious to a person having ordinary skill in the art at the time the 



Application/Control Number: 10/566,945 Page 13 

Art Unit: 2437 

invention was made to modify the system disclosed by Sawa to include the authentication 
identifier as a function of the provider identifier. This modification would have been obvious 
because a person having ordinary skill in the art would have been motivated to do so to provide a 
reliable and more secure automated authentication method and system fi-om a service provider's 
authentications request without a user intervention as suggested by Ritola in (0005; 0006). 

As per claim 10: 

Sawa discloses a computer program on an information medium: adapted to be loaded into 
and executed by an authentication server for automatically selecting one of a plurality of 
authentications respectively identified by authentication identifiers in order to authenticate a user 
of a terminal in order to authorize said user to access a service dispensed by a service server of a 
provider identified by a provider identifier via a communication network, said program including 
program instructions for: 

selecting an authentication identifier in a memory as a function of the type of at least one 
of said terminal and type of said communication network (0044; 0048; 0049; 0053; 0056: an 
authentication method suitable for the user terminal is selected, by using the data of a request for 
service from a user terminal and various types of authentication methods are supported, and 
accordingly various types of terminals can be supported. The terminal information object 
preparation process, the carrier or communication employer and type of user terminal that issues 
an HTTP request are specified), and 

authenticating said user by an authentication process associated with said authentication 
identifier (0058; 0059: Using the determined authentication method, various types of data, for 
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example, a user's name, passwords, etc., required for the authentication process are obtained, and 
an authentication database is accessed, thereby checking the validity of a user terminal). 

Sawa does not explicitly teach the authentication identifier as a fimction of the provider 
identifier. Ritola, in analogous art, however teaches the authentication identifier as a function of 
the provider identifier (0048; 0051; 0052; provides service if authentication by identity provider 
identifier corresponding to each service provider stored in memory of the terminal is successful). 
Therefore, it would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to modify the system disclosed by Sawa to include the authentication 
identifier as a function of the provider identifier. This modification would have been obvious 
because a person having ordinary skill in the art would have been motivated to do so to provide a 
reliable and more secure automated authentication method and system from a service provider's 
authentications request without a user intervention as suggested by Ritola in (0005; 0006). 

As per claim 1 1 : 

Claim 11 is a data processor arrangement for performing the method of claim 9. 
Therefore, claim 1 1 is rejected with a similar rational and reason given above to reject claim 9 as 
being unpatentable over Sawa in view of Ritola. 

Conclusion 

12. The prior arts made of record and not relied upon are considered pertinent to applicant's 
disclosure. See the notice of reference cited in form PTO-892 for additional prior arts. 
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Contact Information 

13. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Techane J. Gergiso whose telephone number is (571) 272-3784 
and fax number is (571) 273-3784. The examiner can normally be reached on between 9:00am - 
6:00pm. If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 

system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

/Techane J. Gergiso/ 
Examiner, Art Unit 2437 



